Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

33 Critical Bugs in Wearable Devices Stir Remote Patient Monitoring

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

The most commonly used protocol for transferring data from wearable devices used for remote patient monitoring contained 33 vulnerabilities, including 19 “critical vulnerabilities” in 2021 alone, according to a report released on Monday.

These are 10 times more critical vulnerabilities than found in 2020, and many of them remain unpatched, revealed the report led by global cybersecurity firm Kaspersky.

The report said some of these vulnerabilities also give attackers the potential to intercept data being sent online from the device.

The MQTT protocol is the most common protocol for transmitting data from wearable devices and sensors. It is easy, convenient, and is found not only in wearable devices but also in almost any smart gadget.

But, authentication is completely optional and rarely includes encryption.

This makes MQTT highly susceptible to man-in-the-middle attacks (when attackers can place themselves between “two parties” while they communicate), meaning any data transferred over the internet could potentially be stolen.

Since 2014, the report revealed that 90 vulnerabilities in MQTT have been discovered, including critical ones, many of which remain unpatched.

“The pandemic has led to a sharp growth in the telehealth market, and this doesn’t just involve communicating with your doctor via video software,” said Maria Namestnikova, Head of the Russian Global Research and Analysis Team (GReAT) at Kaspersky, in a statement.

“We’re talking about a whole range of complex, rapidly evolving technologies and products, including specialised applications, wearable devices, implantable sensors, and cloud-based databases,” she added.

Most wearable devices track both health data, location, and movements, opening up the possibility of not just stealing data but also potentially stalking, the report said.

Further, Kaspersky researchers found vulnerabilities in the MQTT protocol and one of the most popular platforms for wearable devices: the Qualcomm Snapdragon Wearable platform.

There have been more than 400 vulnerabilities found since the platform was launched; not all have been patched, including some from 2020.

Namestnikova said that many hospitals are still using untested third-party services to store patient data, and vulnerabilities in healthcare wearable devices and sensors remain open.

“Before implementing such devices, learn as much as you can about their level of security to keep the data of your company and your patients safe,” she advised.

To keep patient data safe, Kaspersky recommends that healthcare providers must check the security of the application or device, minimize the data transferred by telehealth apps if possible, do not send the location, change passwords from default ones and use encryption.

Join 10,000+ Fellow Readers

Get Techgenyz’s roundup delivered to your inbox curated with the most important for you that keeps you updated about the future tech, mobile, space, gaming, business and more.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic